On Tuesday 09 December 2003 20:25, Graham Trott wrote:
When you say "VERY specific rules" does this mean simple port forwarding rules or something more arcane?
Not really, more that I was trying to imply that you should be carefull to allow only what is needed.
Essentially you should treat your untrusted network <> DMZ <> trusted Network rules as carefully as you would treat the ones at a border gateway. Allow too much from the DMZ to the trusted and you are eliminating the whole security advantage of the DMZ in the first place.
Glad you found it helpfull anyway :o)